We’ve had some requests recently from customers for some examples to show how to use Approov tokens with an ASP.Net Core 2.0 back end. In this blog I’ll walk you through adding the check to a basic API. It’s really straight forward! Thanks to Jon Hilton for this great blog which formed the basis for this example.

Steps

Require Authentication for our API controllers

Configure JWT Auth in startup.cs

Require Authentication

We need to add the [Authorize] attribute to get our API to check for some authentication.

Configure JWT Auth

Approov tokens are JWTs. To add JWT auth you need to configure it in startup.cs.

The Approov Token Secret bytes are stored as a base64 encoded string, to use the secret we must decode it back into bytes. If _configuration is missing you can include with the constructor.

To see how this all fits in to an application you can see the full example on GitHub.